Types of Footprinting

  1. Internal Footprinting

Footprinting performed inside the network is known as internal footprinting . In internal foorprinting attack may access internal network or is directly or indirectly connected to the internal network.

Following attacks or mechanism can be used for internal footprinting 

  • Dumpster Diving
    Looking for sensitive information in garbage or dumps is known as dumpster diving . Sometimes attacker may find a piece of paper or some important documents from which sensitive information can be retrieved . When penetration testing or hacking is performed each and every possible aspects of gathering information is taken into consideration .
  • Shoulder Surfing :
    Looking at shoulder or guessing the password by viewing a person typing or indirectly seeking into his hand movement to get password .Sometimes it provides quite sensitive information
  • Private Websites :
    If attacker found any private websites of the target , it became treasure for him as he can gain bunch of sensitive information like employee and client details etc.

2. External Footprinting

  • Website :
    websites of the  target may contain some sensitive information or may be vulnerable . From the website , attacker can easily get the contact details like e-mail and phone numbers
    Using phone numbers , attacker can simply call and performs social engineering in order to gain sensitive information besides attacker can also perform social engineering over e-mails
  • Google
    Google is one of the biggest search engine and helping hand for a hacker .Sometimes simply googling about target can give much sensitive information like admin Google help both actively  and passively in gaining sensitive information . For example if you google for XYZ you may get his picture his address about upcoming events or more of sensitive information about target.
  • Whois
    whois is a tool (both application and web application level) which is used to gather information about target domain like name server , domain records , admin contacts and other relative information.
    Whois is one the major information provider and this information is used in writing penetration testing reports It is a great database  which contains records of almost every domain name .
    website (https://who.is/)
  • Domain Name Server (DNS)
    DNS footprinting can provide information same as of whois , sometimes attacker get sensitive information which lead to compromise of Domain of target
  • Social Networking
    Public profiles on social network contain contact information and activity details . Target may be social engineered easily over social networking which lead to disclosure of sensitive information
  • Social Engineering
    Social engineering is art of human exploitation. It is one of the major attack which leads to vast compromises . Social engineering may be tool based or human based
    In tool based social engineering , tool like Phishing . tabnapping and social engineering toolkits are used.
    In human based social engineering , manipulating the target is used to gain sensitive information like client details password, etc
  • Archive Websites
    There are some websites over internet which keeps archive of almost every websites . looking in archive can provide sensitive information about the target . Way Back Machine is one of the website which contains archives of websites.
    link (https://archive.org/web/)

Leave a Reply

Your email address will not be published. Required fields are marked *